Commit 990fee6c authored by nimrod's avatar nimrod
Browse files

Backups. 

- Backup and restore scripts.
- Run backups weekly, save the last 18 days of backups.
- Store backups in the host's /var/backups.
parent e7e0e8de

crond/Dockerfile

+2 −1
Original line number Diff line number Diff line
@@ -3,4 +3,5 @@ FROM registry.shore.co.il/cron as supersonic 
# hadolint ignore=DL3002

USER root

# hadolint ignore=DL3018

RUN apk add --update --no-cache docker-cli
 
RUN apk add --update --no-cache docker-cli zstd

VOLUME /var/backups

crond/backup

0 → 100755
+40 −0
Original line number Diff line number Diff line 
#!/bin/sh

set -eu



# A backup script to backup Nextcloud as described in

# https://docs.nextcloud.com/server/latest/admin_manual/maintenance/backup.html.

# This runs inside a different Docker container that has access to the Docker

# daemon so it can run commands in the Nextcloud and database  containers to

# generate the snapshots. Also, because Nextcloud has to be put in maintenance

# mode to create a consistent backup, care has been given to make sure that the

# maintenance window is short as possible. Backups as saved under /var/backups

# which should be a Docker volume.



alias nc_run='docker exec -u www-data nextcloud_nextcloud_1'

alias db_run='docker exec -u nobody nextcloud_mysql_1'



cleanup () {

    nc_run php occ maintenance:mode --off

    nc_run rm -rf "$tmpdir"

}



now="$(date --utc --iso-8601=seconds)"

dest="/var/backups/$now"

mkdir "$dest"



trap 'cleanup' INT QUIT EXIT TERM

tmpdir="$(basename "$(nc_run mktemp --directory --tmpdir=.)")"

nc_run php occ maintenance:mode --on



nc_run find -maxdepth 1 -mindepth 1 \! -name "$tmpdir" -exec \

    cp --archive --reflink=always "--target=$tmpdir" {} \; &



# shellcheck disable=SC2016

db_run sh -c \

    'mysqldump --single-transaction --default-character-set=utf8mb4 --routines --add-drop-database --force "--password=$MYSQL_ROOT_PASSWORD" --user=root --databases "$MYSQL_DATABASE"' | \

    zstd -o "$dest/mysqldump.sql.zstd" &



wait

nc_run php occ maintenance:mode --off



nc_run tar -c "$tmpdir" | zstd -o "$dest/nextcloud_volume.tar.zstd"

crond/crontab

+2 −0
Original line number Diff line number Diff line 
*/5  *  *  *  * docker exec -u www-data nextcloud_nextcloud_1 php /var/www/html/cron.php || wget --spider https://notify.shore.co.il/send?message=Nextcloud%20cron%20failed.

@weekly backup || wget --spider https://notify.shore.co.il/send?message=Nextcloud%20backup%20failed.

@daily find /var/backups -atime +18 -delete

crond/restore

0 → 100755
+19 −0
Original line number Diff line number Diff line 
#!/bin/sh

set -eux



src="$1"



alias nc_run='docker exec -iu www-data nextcloud_nextcloud_1'

alias db_run='docker exec -iu nobody nextcloud_mysql_1'



nc_run php occ maintenance:mode --on



# shellcheck disable=SC2016

zstdcat "$src/mysqldump.sql.zstd" | \

    db_run sh -c \

    '--force "--password=$MYSQL_ROOT_PASSWORD" --user=root"'



zstdcat "$src/nextcloud_volume.tar.zstd" | \

    nc_run tar -x



nc_run php occ maintenance:mode --off

docker-compose.yml

+1 −0
Original line number Diff line number Diff line
@@ -38,6 +38,7 @@ services: 
    restart: always

    volumes:

      - /run/docker.sock:/run/docker.sock

      - /var/backups/nextcloud:/var/backups



  mysql:

    command: >-